Appl. No. 10/813,248 

Amdt. dated February 23, 2010 

Reply to Office Action of November 23, 2009 

This listing of claims will replace all prior versions, and listings, of claims in the application: 
Listing of Claims: 

1 . (Currently Amended) In a computing device, a method for protecting sensitive files from 
unauthorized access, comprising: 

detecting a connection of the computing device to an electronic device; 
accessing an authorized connection list; 

determining whether the connection is identified in the authorized connection list; and 
if the connection is not identified in the authorized connection list: 

accessing sensitive file information which identifies at least one sensitive file 

stored on the computing device , wherein the sensitive file is not identified 
until after the connection has been identified as not being in the authorized 
connection list ; and 

preventing access to the at least one sensitive file identified by the sensitive file 
information by performing an access prevention task after the connection 
is not identified in the authorized connection list, wherein the at least one 
sensitive file continues to be stored on the computing device. 

2. (Original) The method of claim 1, wherein if the connection is not identified in the 
authorized connection list the method further comprises: 

detecting termination of the connection; and 

if the computing device does not have any other unauthorized connections, restoring 

access to the at least one sensitive file identified by the sensitive file information. 

3. (Original) The method of claim 1, wherein the connection occurs via a computer network. 

4. (Original) The method of claim 3, wherein the network is a wireless network, and 
wherein the computing device is a mobile computing device. 
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5. (Original) The method of claim 1, wherein the connection is a direct connection. 

6. (Previously Presented) The method of claim 1, wherein the access prevention task 
comprises locking the at least one sensitive file. 

7. (Previously Presented) The method of claim 1, wherein the access prevention task 
comprises encrypting the at least one sensitive file. 

8. (Previously Presented) The method of claim 1, wherein the computing device comprises a 
storage device, and wherein the access prevention task comprises moving the at least one 
sensitive file to a host-protected area of the storage device. 

9. (Original) The method of claim 1, wherein the sensitive file information is a reference to 
a directory in which the at least one sensitive file is stored. 

10. (Original) The method of claim 1, wherein the sensitive file information is a list of the at 
least one sensitive file. 

11. (Original) The method of claim 1, wherein the authorized connection list comprises a list 
of at least one authorized network. 

12. (Original) The method of claim 1, wherein the authorized connection list comprises a list 
of at least one authorized connection type. 

13. (Currently Amended) In an administrative system which distributes software to a plurality 
of computing devices on an enterprise network, a method comprising: 

providing a security agent, wherein after installation on a computing device the security 
agent is configured to implement a method comprising: 
detecting a connection of the computing device to an electronic device; 

Attorney Docket No.: 3408.2.8 
Customer No.: 21552 

Page 3 of 10 



Appl. No. 10/813,248 

Amdt. dated February 23, 2010 

Reply to Office Action of November 23, 2009 

accessing an authorized connection list; 

determining whether the connection is identified in the authorized connection list; 
and 

if the connection is not identified in the authorized connection list: 

accessing sensitive file information which identifies at least one sensitive 
file stored on the computing device , wherein the sensitive file is 
not identified until after the connection has been identified as not 
being in the authorized connection list ; and 
preventing access to the at least one sensitive file identified by the 

sensitive file information by performing an access prevention task 
after the connection is not identified in the authorized connection 
list, wherein the at least one sensitive file continues to be stored on 
the computing device; and 
transmitting the security agent to the plurality of computing devices via the enterprise 
network. 

14. (Original) The method of claim 13, further comprising: 
providing the authorized connection list; 

providing the sensitive file information; and 

transmitting the authorized connection list and the sensitive file information to the 
plurality of computing devices via the enterprise network. 

15. (Currently Amended) A computing device that is configured for protecting sensitive files 
from unauthorized access, comprising: 

a processor; 

memory in electronic communication with the processor; and 
instructions stored in the memory, the instructions being executable to: 

detect a connection of the computing device to an electronic device; 
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access an authorized connection list; 

determine whether the connection is identified in the authorized connection list; 
and 

if the connection is not identified in the authorized connection list: 

access sensitive file information which identifies at least one sensitive file 
stored on the computing device , wherein the sensitive file is not 
identified until after the connection has been identified as not being 
in the authorized connection list ; and 
prevent access to the at least one sensitive file identified by the sensitive 
file information by performing an access prevention task after the 
connection is not identified in the authorized connection list, 
wherein the at least one sensitive file continues to be stored on the 
computing device. 

16. (Currently Amended) The computing device of claim 15, wherein if the connection is not 
identified in the authorized connection list the instructions are being further executable to: 

detect[[ing]] termination of the connection; and 

if the computing device does not have any other unauthorized connections, restore[[ing]] 
access to the at least one sensitive file identified by the sensitive file information. 

17. (Previously Presented) The computing device of claim 15, wherein the access prevention 
task comprises at least one of locking the at least one sensitive file, encrypting the at least one 
sensitive file, and moving the at least one sensitive file to a host-protected area of a storage 
device. 

18. (Currently Amended) A computer-readable medium for storing program data, wherein the 
program data comprises executable instructions, the executable instructions being executable to: 

detect a connection of a computing device to an electronic device; 
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access an authorized connection list; 

determine whether the connection is identified in the authorized connection list; and 
if the connection is not identified in the authorized connection list: 

access sensitive file information which identifies at least one sensitive file stored 
on the computing device , wherein the sensitive file is not identified until 
after the connection has been identified as not being in the authorized 
connection list ; and 
prevent access to the at least one sensitive file identified by the sensitive file 

information by performing an access prevention task after the connection 
is not identified in the authorized connection list, wherein the at least one 
sensitive file continues to be stored on the computing device. 

19. (Currently Amended) The computer-readable medium of claim 18, wherein if the 
connection is not identified in the authorized connection list the executable instructions are being 
further executable to: 

detect[[ing]] termination of the connection; and 

if the computing device does not have any other unauthorized connections, restore[[ing]] 
access to the at least one sensitive file identified by the sensitive file information. 

20. (Previously Presented) The computer-readable medium of claim 18, wherein the access 
prevention task comprises at least one of locking the at least one sensitive file, encrypting the at 
least one sensitive file, and moving the at least one sensitive file to a host-protected area of a 
storage device. 
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